Commit 618d919c authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'libnvdimm-fixes-5.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm 

Pull libnvdimm fixes from Dan Williams:
 "I debated holding this back for the v5.2 merge window due to the size
  of the "zero-key" changes, but affected users would benefit from
  having the fixes sooner. It did not make sense to change the zero-key
  semantic in isolation for the "secure-erase" command, but instead
  include it for all security commands.

  The short background on the need for these changes is that some NVDIMM
  platforms enable security with a default zero-key rather than let the
  OS specify the initial key. This makes the security enabling that
  landed in v5.0 unusable for some users.

  Summary:

   - Compatibility fix for nvdimm-security implementations with a
     default zero-key.

   - Miscellaneous small fixes for out-of-bound accesses, cleanup after
     initialization failures, and missing debug messages"

* tag 'libnvdimm-fixes-5.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
  tools/testing/nvdimm: Retain security state after overwrite
  libnvdimm/pmem: fix a possible OOB access when read and write pmem
  libnvdimm/security, acpi/nfit: unify zero-key for all security commands
  libnvdimm/security: provide fix for secure-erase to use zero-key
  libnvdimm/btt: Fix a kmemdup failure check
  libnvdimm/namespace: Fix a potential NULL pointer dereference
  acpi/nfit: Always dump _DSM output payload
parents 5512320c 2170a0d5

drivers/acpi/nfit/core.c

+6 −6
Original line number Diff line number Diff line
@@ -567,6 +567,12 @@ int acpi_nfit_ctl(struct nvdimm_bus_descriptor *nd_desc, struct nvdimm *nvdimm, 
		goto out;

	}



	dev_dbg(dev, "%s cmd: %s output length: %d\n", dimm_name,

			cmd_name, out_obj->buffer.length);

	print_hex_dump_debug(cmd_name, DUMP_PREFIX_OFFSET, 4, 4,

			out_obj->buffer.pointer,

			min_t(u32, 128, out_obj->buffer.length), true);



	if (call_pkg) {

		call_pkg->nd_fw_size = out_obj->buffer.length;

		memcpy(call_pkg->nd_payload + call_pkg->nd_size_in,
@@ -585,12 +591,6 @@ int acpi_nfit_ctl(struct nvdimm_bus_descriptor *nd_desc, struct nvdimm *nvdimm, 
		return 0;

	}



	dev_dbg(dev, "%s cmd: %s output length: %d\n", dimm_name,

			cmd_name, out_obj->buffer.length);

	print_hex_dump_debug(cmd_name, DUMP_PREFIX_OFFSET, 4, 4,

			out_obj->buffer.pointer,

			min_t(u32, 128, out_obj->buffer.length), true);



	for (i = 0, offset = 0; i < desc->out_num; i++) {

		u32 out_size = nd_cmd_out_size(nvdimm, cmd, desc, i, buf,

				(u32 *) out_obj->buffer.pointer,

drivers/acpi/nfit/intel.c

+4 −6
Original line number Diff line number Diff line
@@ -122,7 +122,6 @@ static int intel_security_change_key(struct nvdimm *nvdimm, 
	if (!test_bit(cmd, &nfit_mem->dsm_mask))

		return -ENOTTY;



	if (old_data)

	memcpy(nd_cmd.cmd.old_pass, old_data->data,

			sizeof(nd_cmd.cmd.old_pass));

	memcpy(nd_cmd.cmd.new_pass, new_data->data,
@@ -336,7 +335,6 @@ static int __maybe_unused intel_security_overwrite(struct nvdimm *nvdimm, 


	/* flush all cache before we erase DIMM */

	nvdimm_invalidate_cache();

	if (nkey)

	memcpy(nd_cmd.cmd.passphrase, nkey->data,

			sizeof(nd_cmd.cmd.passphrase));

	rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL);

drivers/nvdimm/btt_devs.c

+13 −5
Original line number Diff line number Diff line
@@ -198,14 +198,15 @@ static struct device *__nd_btt_create(struct nd_region *nd_region, 
		return NULL;



	nd_btt->id = ida_simple_get(&nd_region->btt_ida, 0, 0, GFP_KERNEL);

	if (nd_btt->id < 0) {

		kfree(nd_btt);

		return NULL;

	}

	if (nd_btt->id < 0)

		goto out_nd_btt;



	nd_btt->lbasize = lbasize;

	if (uuid)

	if (uuid) {

		uuid = kmemdup(uuid, 16, GFP_KERNEL);

		if (!uuid)

			goto out_put_id;

	}

	nd_btt->uuid = uuid;

	dev = &nd_btt->dev;

	dev_set_name(dev, "btt%d.%d", nd_region->id, nd_btt->id);
@@ -220,6 +221,13 @@ static struct device *__nd_btt_create(struct nd_region *nd_region, 
		return NULL;

	}

	return dev;



out_put_id:

	ida_simple_remove(&nd_region->btt_ida, nd_btt->id);



out_nd_btt:

	kfree(nd_btt);

	return NULL;

}



struct device *nd_btt_create(struct nd_region *nd_region)

drivers/nvdimm/namespace_devs.c

+4 −1
Original line number Diff line number Diff line
@@ -2249,9 +2249,12 @@ static struct device *create_namespace_blk(struct nd_region *nd_region, 
	if (!nsblk->uuid)

		goto blk_err;

	memcpy(name, nd_label->name, NSLABEL_NAME_LEN);

	if (name[0])

	if (name[0]) {

		nsblk->alt_name = kmemdup(name, NSLABEL_NAME_LEN,

				GFP_KERNEL);

		if (!nsblk->alt_name)

			goto blk_err;

	}

	res = nsblk_add_resource(nd_region, ndd, nsblk,

			__le64_to_cpu(nd_label->dpa));

	if (!res)

drivers/nvdimm/pmem.c

+4 −4
Original line number Diff line number Diff line
@@ -113,13 +113,13 @@ static void write_pmem(void *pmem_addr, struct page *page, 


	while (len) {

		mem = kmap_atomic(page);

		chunk = min_t(unsigned int, len, PAGE_SIZE);

		chunk = min_t(unsigned int, len, PAGE_SIZE - off);

		memcpy_flushcache(pmem_addr, mem + off, chunk);

		kunmap_atomic(mem);

		len -= chunk;

		off = 0;

		page++;

		pmem_addr += PAGE_SIZE;

		pmem_addr += chunk;

	}

}
@@ -132,7 +132,7 @@ static blk_status_t read_pmem(struct page *page, unsigned int off, 


	while (len) {

		mem = kmap_atomic(page);

		chunk = min_t(unsigned int, len, PAGE_SIZE);

		chunk = min_t(unsigned int, len, PAGE_SIZE - off);

		rem = memcpy_mcsafe(mem + off, pmem_addr, chunk);

		kunmap_atomic(mem);

		if (rem)
@@ -140,7 +140,7 @@ static blk_status_t read_pmem(struct page *page, unsigned int off, 
		len -= chunk;

		off = 0;

		page++;

		pmem_addr += PAGE_SIZE;

		pmem_addr += chunk;

	}

	return BLK_STS_OK;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE